Any customers who are also using the FireEye system may want to set up additional rank or email classes for this rule so that they can be alerted to malware that may be attempting to bypass their FireEye appliance. FireEye has released an update for this that users should apply immediately, if they have not done so already. However, even once the issue has been patched, seeing the attempt of this bypass can be a valuable indicator of malicious activity on its own. This may be tried alongside future evasion attempts.